Python wrapper: support for inbound group sessions
This commit is contained in:
parent
fc4756ddf1
commit
846ab858a6
4 changed files with 162 additions and 7 deletions
|
@ -1,3 +1,4 @@
|
||||||
from .account import Account
|
from .account import Account
|
||||||
from .session import Session
|
from .session import Session
|
||||||
from .outbound_group_session import OutboundGroupSession
|
from .outbound_group_session import OutboundGroupSession
|
||||||
|
from .inbound_group_session import InboundGroupSession
|
||||||
|
|
|
@ -210,14 +210,43 @@ def build_arg_parser():
|
||||||
outbound_group.add_argument("session_file", help="Local group session file")
|
outbound_group.add_argument("session_file", help="Local group session file")
|
||||||
outbound_group.set_defaults(func=do_outbound_group)
|
outbound_group.set_defaults(func=do_outbound_group)
|
||||||
|
|
||||||
|
group_credentials = commands.add_parser("group_credentials", help="Export the current outbound group session credentials")
|
||||||
|
group_credentials.add_argument("session_file", help="Local outbound group session file")
|
||||||
|
group_credentials.add_argument("credentials_file", help="File to write credentials to (default stdout)",
|
||||||
|
type=argparse.FileType('w'), nargs='?',
|
||||||
|
default=sys.stdout)
|
||||||
|
group_credentials.set_defaults(func=do_group_credentials)
|
||||||
|
|
||||||
group_encrypt = commands.add_parser("group_encrypt", help="Encrypt a group message")
|
group_encrypt = commands.add_parser("group_encrypt", help="Encrypt a group message")
|
||||||
group_encrypt.add_argument("session_file", help="Local group session file")
|
group_encrypt.add_argument("session_file", help="Local outbound group session file")
|
||||||
group_encrypt.add_argument("plaintext_file", help="Plaintext",
|
group_encrypt.add_argument("plaintext_file", help="Plaintext file (default stdin)",
|
||||||
type=argparse.FileType('rb'), default=sys.stdin)
|
type=argparse.FileType('rb'), nargs='?',
|
||||||
group_encrypt.add_argument("message_file", help="Message",
|
default=sys.stdin)
|
||||||
type=argparse.FileType('wb'), default=sys.stdout)
|
group_encrypt.add_argument("message_file", help="Message file (default stdout)",
|
||||||
|
type=argparse.FileType('w'), nargs='?',
|
||||||
|
default=sys.stdout)
|
||||||
group_encrypt.set_defaults(func=do_group_encrypt)
|
group_encrypt.set_defaults(func=do_group_encrypt)
|
||||||
|
|
||||||
|
inbound_group = commands.add_parser(
|
||||||
|
"inbound_group",
|
||||||
|
help=("Create an inbound group session based on credentials from an "+
|
||||||
|
"outbound group session"))
|
||||||
|
inbound_group.add_argument("session_file", help="Local inbound group session file")
|
||||||
|
inbound_group.add_argument("credentials_file",
|
||||||
|
help="File to read credentials from (default stdin)",
|
||||||
|
type=argparse.FileType('r'), nargs='?',
|
||||||
|
default=sys.stdin)
|
||||||
|
inbound_group.set_defaults(func=do_inbound_group)
|
||||||
|
|
||||||
|
group_decrypt = commands.add_parser("group_decrypt", help="Decrypt a group message")
|
||||||
|
group_decrypt.add_argument("session_file", help="Local inbound group session file")
|
||||||
|
group_decrypt.add_argument("message_file", help="Message file (default stdin)",
|
||||||
|
type=argparse.FileType('r'), nargs='?',
|
||||||
|
default=sys.stdin)
|
||||||
|
group_decrypt.add_argument("plaintext_file", help="Plaintext file (default stdout)",
|
||||||
|
type=argparse.FileType('wb'), nargs='?',
|
||||||
|
default=sys.stdout)
|
||||||
|
group_decrypt.set_defaults(func=do_group_decrypt)
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
def do_outbound_group(args):
|
def do_outbound_group(args):
|
||||||
|
@ -240,6 +269,43 @@ def do_group_encrypt(args):
|
||||||
f.write(session.pickle(args.key))
|
f.write(session.pickle(args.key))
|
||||||
args.message_file.write(message)
|
args.message_file.write(message)
|
||||||
|
|
||||||
|
def do_group_credentials(args):
|
||||||
|
session = OutboundGroupSession()
|
||||||
|
with open(args.session_file, "rb") as f:
|
||||||
|
session.unpickle(args.key, f.read())
|
||||||
|
result = {
|
||||||
|
'message_index': session.message_index(),
|
||||||
|
'session_key': session.session_key(),
|
||||||
|
}
|
||||||
|
json.dump(result, args.credentials_file, indent=4)
|
||||||
|
|
||||||
|
def do_inbound_group(args):
|
||||||
|
if os.path.exists(args.session_file):
|
||||||
|
sys.stderr.write("Session %r file already exists\n" % (
|
||||||
|
args.session_file,
|
||||||
|
))
|
||||||
|
sys.exit(1)
|
||||||
|
credentials = json.load(args.credentials_file)
|
||||||
|
for k in ('message_index', 'session_key'):
|
||||||
|
if not k in credentials:
|
||||||
|
sys.stderr.write("Credentials file is missing %s\n" % k)
|
||||||
|
sys.exit(1);
|
||||||
|
|
||||||
|
session = InboundGroupSession()
|
||||||
|
session.init(credentials['message_index'], credentials['session_key'])
|
||||||
|
with open(args.session_file, "wb") as f:
|
||||||
|
f.write(session.pickle(args.key))
|
||||||
|
|
||||||
|
def do_group_decrypt(args):
|
||||||
|
session = InboundGroupSession()
|
||||||
|
with open(args.session_file, "rb") as f:
|
||||||
|
session.unpickle(args.key, f.read())
|
||||||
|
message = args.message_file.read()
|
||||||
|
plaintext = session.decrypt(message)
|
||||||
|
with open(args.session_file, "wb") as f:
|
||||||
|
f.write(session.pickle(args.key))
|
||||||
|
args.plaintext_file.write(plaintext)
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = build_arg_parser()
|
parser = build_arg_parser()
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
|
86
python/olm/inbound_group_session.py
Normal file
86
python/olm/inbound_group_session.py
Normal file
|
@ -0,0 +1,86 @@
|
||||||
|
import json
|
||||||
|
|
||||||
|
from ._base import *
|
||||||
|
|
||||||
|
lib.olm_inbound_group_session_size.argtypes = []
|
||||||
|
lib.olm_inbound_group_session_size.restype = c_size_t
|
||||||
|
|
||||||
|
lib.olm_inbound_group_session.argtypes = [c_void_p]
|
||||||
|
lib.olm_inbound_group_session.restype = c_void_p
|
||||||
|
|
||||||
|
lib.olm_inbound_group_session_last_error.argtypes = [c_void_p]
|
||||||
|
lib.olm_inbound_group_session_last_error.restype = c_char_p
|
||||||
|
|
||||||
|
def inbound_group_session_errcheck(res, func, args):
|
||||||
|
if res == ERR:
|
||||||
|
raise OlmError("%s: %s" % (
|
||||||
|
func.__name__, lib.olm_inbound_group_session_last_error(args[0])
|
||||||
|
))
|
||||||
|
return res
|
||||||
|
|
||||||
|
|
||||||
|
def inbound_group_session_function(func, *types):
|
||||||
|
func.argtypes = (c_void_p,) + types
|
||||||
|
func.restypes = c_size_t
|
||||||
|
func.errcheck = inbound_group_session_errcheck
|
||||||
|
|
||||||
|
|
||||||
|
inbound_group_session_function(
|
||||||
|
lib.olm_pickle_inbound_group_session, c_void_p, c_size_t, c_void_p, c_size_t
|
||||||
|
)
|
||||||
|
inbound_group_session_function(
|
||||||
|
lib.olm_unpickle_inbound_group_session, c_void_p, c_size_t, c_void_p, c_size_t
|
||||||
|
)
|
||||||
|
|
||||||
|
inbound_group_session_function(
|
||||||
|
lib.olm_init_inbound_group_session, c_uint32, c_void_p, c_size_t
|
||||||
|
)
|
||||||
|
|
||||||
|
inbound_group_session_function(
|
||||||
|
lib.olm_group_decrypt_max_plaintext_length, c_void_p, c_size_t
|
||||||
|
)
|
||||||
|
inbound_group_session_function(
|
||||||
|
lib.olm_group_decrypt,
|
||||||
|
c_void_p, c_size_t, # message
|
||||||
|
c_void_p, c_size_t, # plaintext
|
||||||
|
)
|
||||||
|
|
||||||
|
class InboundGroupSession(object):
|
||||||
|
def __init__(self):
|
||||||
|
self.buf = create_string_buffer(lib.olm_inbound_group_session_size())
|
||||||
|
self.ptr = lib.olm_inbound_group_session(self.buf)
|
||||||
|
|
||||||
|
def pickle(self, key):
|
||||||
|
key_buffer = create_string_buffer(key)
|
||||||
|
pickle_length = lib.olm_pickle_inbound_group_session_length(self.ptr)
|
||||||
|
pickle_buffer = create_string_buffer(pickle_length)
|
||||||
|
lib.olm_pickle_inbound_group_session(
|
||||||
|
self.ptr, key_buffer, len(key), pickle_buffer, pickle_length
|
||||||
|
)
|
||||||
|
return pickle_buffer.raw
|
||||||
|
|
||||||
|
def unpickle(self, key, pickle):
|
||||||
|
key_buffer = create_string_buffer(key)
|
||||||
|
pickle_buffer = create_string_buffer(pickle)
|
||||||
|
lib.olm_unpickle_inbound_group_session(
|
||||||
|
self.ptr, key_buffer, len(key), pickle_buffer, len(pickle)
|
||||||
|
)
|
||||||
|
|
||||||
|
def init(self, message_index, session_key):
|
||||||
|
key_buffer = create_string_buffer(session_key)
|
||||||
|
lib.olm_init_inbound_group_session(
|
||||||
|
self.ptr, message_index, key_buffer, len(session_key)
|
||||||
|
)
|
||||||
|
|
||||||
|
def decrypt(self, message):
|
||||||
|
message_buffer = create_string_buffer(message)
|
||||||
|
max_plaintext_length = lib.olm_group_decrypt_max_plaintext_length(
|
||||||
|
self.ptr, message_buffer, len(message)
|
||||||
|
)
|
||||||
|
plaintext_buffer = create_string_buffer(max_plaintext_length)
|
||||||
|
message_buffer = create_string_buffer(message)
|
||||||
|
plaintext_length = lib.olm_group_decrypt(
|
||||||
|
self.ptr, message_buffer, len(message),
|
||||||
|
plaintext_buffer, max_plaintext_length
|
||||||
|
)
|
||||||
|
return plaintext_buffer.raw[:plaintext_length]
|
|
@ -7,10 +7,11 @@ ALICE_SESSION=alice.session
|
||||||
ALICE_GROUP_SESSION=alice.group_session
|
ALICE_GROUP_SESSION=alice.group_session
|
||||||
BOB_ACCOUNT=bob.account
|
BOB_ACCOUNT=bob.account
|
||||||
BOB_SESSION=bob.session
|
BOB_SESSION=bob.session
|
||||||
|
BOB_GROUP_SESSION=bob.group_session
|
||||||
|
|
||||||
rm $ALICE_ACCOUNT $BOB_ACCOUNT
|
rm $ALICE_ACCOUNT $BOB_ACCOUNT
|
||||||
rm $ALICE_SESSION $BOB_SESSION
|
rm $ALICE_SESSION $BOB_SESSION
|
||||||
rm $ALICE_GROUP_SESSION
|
rm $ALICE_GROUP_SESSION $BOB_GROUP_SESSION
|
||||||
|
|
||||||
$OLM create_account $ALICE_ACCOUNT
|
$OLM create_account $ALICE_ACCOUNT
|
||||||
$OLM create_account $BOB_ACCOUNT
|
$OLM create_account $BOB_ACCOUNT
|
||||||
|
@ -27,4 +28,5 @@ echo "Hello world" | $OLM encrypt $ALICE_SESSION - - | $OLM inbound $BOB_ACCOUNT
|
||||||
### group sessions
|
### group sessions
|
||||||
|
|
||||||
$OLM outbound_group $ALICE_GROUP_SESSION
|
$OLM outbound_group $ALICE_GROUP_SESSION
|
||||||
echo "Hello world" | $OLM group_encrypt $ALICE_GROUP_SESSION - -
|
$OLM group_credentials $ALICE_GROUP_SESSION | $OLM inbound_group $BOB_GROUP_SESSION
|
||||||
|
echo "Hello group" | $OLM group_encrypt $ALICE_GROUP_SESSION - - | $OLM group_decrypt $BOB_GROUP_SESSION
|
||||||
|
|
Loading…
Reference in a new issue